Ibec Privacy Statement

We at Ibec respect your right to privacy and comply with our obligations under the General Data Protection Regulation. The purpose of this Privacy Statement is to set out how we deal with personal data provided to Ibec while visiting the Ibec website - www.ibec.ie and other individual Ibec group and trade association websites under Ibec management -view a list of other Ibec sites

Any links to other external websites are clearly identifiable as such, and Ibec has no responsibility for the content or the privacy policies of these other websites. While we take care of the safety of information on our websites on an ongoing basis, if you are not happy with this Privacy Statement you should not use any of our websites.

Ibec isIbec is a membership-based organisation for businesses operating in Ireland. It is the largest business representative body in Ireland and comprises over 40 trade associations representing most industry sectors operating in Ireland.

Ibec Trade Association and Policy group websitesIbec trade associations and policy groups are peopled by Ibec members in specific sectors and areas of economic activity. Each trade association and policy group operates within and is managed and administered by Ibec while retaining its own separate identity and purpose. Ibec is therefore the data controller for each of the listed Ibec managed websites.

IBEC PERSONAL DATA COLLECTION AND MANAGEMENT

1. Types of information collected by Ibec

We collect and further process two types of information:

"Personal Data"This is data that identifies you or can be used to identify or contact you and may include your name, address, e-mail address, user IP addresses in circumstances where they have not been deleted, clipped or anonymised and telephone number. Such information is only collected from you if you voluntarily submit it to use and we use it to deliver Ibec services and information to you. Ibec collects personal data in the following circumstances.

Under the Ibec membership contract member organisations are asked to nominate named contacts in their business/ organisation with whom Ibec may communicate with to provide Ibec services. These contact details are collected on a business to business basis and the legal basis for such data protection is to facilitate the necessary performance of the membership contract.

In addition, member companies may provide employee details to Ibec when seeking training services from Ibec.

Other personal data processed by Ibec are for attending Ibec events and training courses, and communicating with policy, media and other stakeholders with whom Ibec communicates as part of its role as a lobby organisation.

We will also have supplier contact details which will contain individual names. In addition, Ibec processes personal data of employees.

The Ibec websites are not intended for children and we do not knowingly collect data relating to children.

"Non-Personal Data"Like most websites, we gather statistical and other analytical information collected on an aggregate basis of all visitors to our website. This Non-Personal Data comprises information that cannot be used to identify or contact you, such as demographic information regarding, for example, user IP addresses where they have been clipped or anonymised, browser types and other anonymous statistical data involving the use of our website.

2. Purposes for which we hold your Information

Non-Personal Data:We use the Non-Personal Data gathered from visitors to our website in an aggregate form to get a better understanding of where our visitors come from and to help us better design and organise our website.

Personal Data:We will process any Personal Data you provide to us for the following purposes:

to contact you if we are to respond to any communications from you

to confirm your identity

to process any orders from you i.e. membership application, event bookings, training or publication purchase

to review and update our membership contact details

to notify you of changes and updates to our services and to our websites

to be used in statistical reporting regarding our web activities

to provide you with eZines and newsletters for which you subscribe (please see section 6 for further details)

to provide you with training which either you or your employer have requested

to be considered for annual Awards

SFA only

to display your company and contact information in the Member directory, member adverts and/or member spotlights section of the SFA website (if you have chosen to participate).

MembersIbec uses member contact and other relevant personal information to provide membership services to member companies. These services, and any personal information given to enable their provision, are provided under the Ibec membership contract

It is core to Ibec membership services that Ibec communicates with its members to keep them informed and up to date on what we are doing on their behalf and to seek their views and input (including membership surveys) on issues of relevance.

While Ibec member interactions are business to business, they contain - principally via member contact details - some personal data. The relevant legal basis for processing any such personal data in Ibec member communications is contractual and membership necessity.

Ibec relies on its legitimate interest as a business representative organisation to represent its members and also to provide information on a range of lobbying and policy development issues and initiatives to officials (national, European and international), commentators, media, trade unions, other employer representatives and other similar stakeholders.

Ibec provides information, training and events to non-members who enquire, generally via the website in the first instance. Non-members may also contact Ibec via the phone or via personal interaction with an Ibec staff member. Non-members includes individuals attending Ibec training or events in their personal capacity. We rely on consent and contractual necessity for those communications.

Employer Relations DivisionThe Ibec employer relations advisory service processes personal data only in so far as is necessary to advise and represent the member employer. Ibec ensures by its management and internal policies and employment obligations, that the Ibec staff processing that personal data are committed to confidentiality. There are access controls in place to ensure that;

relevant staff members within the employer relations division have access to case files and general files and

that confidentiality is respected and maintained within the division.

Ibec data retention procedures ensure that the information is kept for no longer than is necessary.

Ibec does not generally engage third-party contractors to assist with employer relations advices and representation however if and when it does so it will ensure it has sufficient contractor guarantees on data privacy protection.

Trade associationsIbec manages over 40 trade associations. Communications with and within these trade associations are business to business communications but will also involve the name and other contact details from member organisations individual nominees, expert advisers and suppliers as well as contact details for media, policy and other relevant stakeholders. These contact details are used for member interactions, member to member networking, lobbying, and information and project development. Trade association contact details will be reviewed annually by each trade associations and are deleted where no longer relevant or necessary to keep.

Employees and Job candidates If you apply to work with Ibec we will use the personal data you give us during the recruitment process and will retain it for one year after your recruitment process ends unless otherwise obliged by law to retain it. We will only share it with our recruitment agencies and contractors if they are party to the process and to check references with third-parties nominated by you. We may keep de-personalised recruitment statistics for our own internal purposes but none of this data will identify you.

Events When you attend an Ibec event, we will need your name, email address, payment information and, in some cases, your dietary preferences. This information is necessary and used by us in organising and administering the event. We delete event attendance data within a maximum of 14 months (and maybe less depending on the event). if the event is an annual event we will hold your contact details to let you know when it is next being held. We normally handle Ibec events ourselves but individual Ibec trade associations occasionally use event managers who are GDPR compliant. Where this happens, we ask those external event managers to display their privacy statement to those with whom they interact with on Ibec's behalf. If you are a speaker at an Ibec event, we will publicly promote your involvement via Twitter, LinkedIn, media interviews, emails and webinars. This data may continue to be processed by those platform providers after the event has ended.

TrainingIbec provides management training programmes to members. We also provide and manage training programmes and initiatives which are funded in part by or provided to the State which are open also to non Ibec members. Ibec training programmes may involve other third-party contractors to Ibec or maybe provided in association with other programme operators. Where this happens Ibec will have an agreement in place with the other third party which will honour and protect the data privacy rights of training participants. These rights are set down later in this privacy statement.

3. Disclosure of information to third partiesWe may provide Non-Personal Data to third parties, where such information is combined with similar information of other users of our website. For example, we occasionally inform third parties - usually sponsors of Ibec events and initiatives - of the number of unique users who visit our websites, the demographic breakdown of our community users of our websites, or the activities that visitors to our website engage in while on our website.

We will not disclose your Personal Data to third parties unless you have consented to our doing so. We will, however, disclose your Personal Data if we believe in good faith that we are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court, workplace relations forum, regulatory order, or other statutory requirement.

We may occasionally transfer personal data outside the EEA but will not do so without your permission nor without appropriate assurances on the adequacy of data privacy protection commitments.

4. SecurityYour Personal Data is held on secure servers which are hosted by ourselves in accordance with our data retention schedule. The nature of the Internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the Internet. No data transmission over the Internet can be guaranteed to be 100% secure. Any transmission of data is therefore at your own risk. Once we receive your data, we use appropriate technical and physical security measures, including firewalls and anti-virus protection to protect your personal data, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to. Our suppliers are also required to use appropriate data protection compliance measures. We will continue to revise policies and implement additional security features as new technologies become available

Credit card details processed on line are via a secure on-line payment and Ibec does not have access to this information. However, credit card payments by via telephone/email/fax will only be retained until payment for the event has been successfully completed.

5. Retention

MembersWe keep employer relations files for seven years from file closure. We keep member contacts for as long as the member organisation remains and Ibec member and we review contact lists annually across Ibec.We keep finance information for invoicing purposes for seven years as required by revenue.

Non-membersWe keep non-member personal data for the duration of the training or event you have attended.We retain contact details for events for up to 14 months after the event attended by the non Ibec member. This allows us to let you know when the event is next held which maybe annually.

We will keep training data for as long as is necessary to provide the training in question and to deal with outstanding financial, exam or accreditation details.

Where you as a non-member have enquired about Ibec services and have consented to us communicating further with you we will keep your contact details for up to 14 months.

If you unsubscribe from Ibec communications, we will delete your contact details promptly.

6. Newsletters and eZinesYou can subscribe to a number of newsletters and eZines on our website, for example Ibec Agenda and Ibec HRLink, by completing the relevant online subscription forms. When you complete these forms, we record and save the content you input. We use this data to:

send you the newsletters; and

analyse the number of subscribers and the types of industries that are interested in our publications in order to tailor future content.

In our newsletters and eZines we use invisible 1×1 pixel tags, known as 'clear pixels'. We use these clear pixels to send our messages in an easy-to-read format and to tell us whether our email has been opened or not. We also use this information in aggregated form to give us an indication of the popularity of content and to help us make decisions about future content and formatting. For more information on our use of clear pixels please see our cookie policy.

If you want to stop receiving our newsletters or eZines, you may do so at any time by using the Unsubscribe link in every issue. Your email address may be retained to ensure you no longer receive communications from which you have unsubscribed.7. CookiesOur website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also helps us to improve our site. For more information on cookies, please see our cookie policy.

8. Your rights Ibec membership rights are set out in the Ibec membership contract. As a non-member, when we use your personal data to provide you with Ibec non-member services (such as events, information or training), you have the following rights: The right to;

be informed about processing of your data – which this Privacy Statement does

access your personal data

object to personal data processing

object to any direct marketing – either use the ‘unsubscribe’ button on our emails or contact us directly by email to dataprivacyoffice@ibec.ie

personal data portability – if and when it arises

have your data rectified if its inaccurate

erasure (in some circumstances)

have your data restricted or blocked from processing where appropriate

To exercise any of these rights, please email us at dataprivacyoffice@ibec.ie. If you are not happy with the way we have handled your data, and are unable to resolve the issue with us personally, you can complain to the Data Protection Commissioner

9. Changes to the privacy statementAny changes to this Privacy Statement will be posted on this website so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any time we decide to use Personal Data in a manner significantly different from that stated in this Website Privacy Statement, or otherwise disclosed to you at the time it was collected, we will notify you by e-mail, and you will have a choice as to whether or not we use your information in the new manner.

10. Questions If you have any questions regarding the above statement please contact us at dataprivacyoffice@ibec.ie